Backing up and Restoring an EventLog Analyzer instance | Online help - EventLog Analyzer

How to backup and restore an EventLog Analyzer instance?

Backup Process:


IMPORTANT: A backup of EventLog Analyzer should not be taken when the instance is running.

  1. Stop the ManageEngine EventLog Analyzer service.

  2. Open a command prompt with admin privileges.

  3. Navigate to <dir>:\ManageEngine\EventLog Analyzer\bin.

  4. Execute the following commands to ensure that the instance is completely shut down:

    1. shutdown.bat

    2. stopDB.bat

    3. stopSEC.bat

  5. In the same cmd window, navigate to <dir>:\ManageEngine\EventLog Analyzer\ES\bin or <dir>:\ManageEngine\elasticsearch\ES\bin.

  6. Execute the following command to ensure that the Elasticsearch engine is stopped.

    1. StopES.bat

  7. Open Task Manager ⇾ Details tab and ensure that the wrapper.exe, SysEvtCol.exe, postgres.exe, and java.exe processes are not running from EventLog Analyzer installation directory path. If they are running, end the task manually.

  8. Take a copy of the entire ManageEngine\EventLog Analyzer as well as ManageEngine\Elasticsearch directory or take a snapshot of the Virtual Machine.

  9. Now that the backup is complete, start the ManageEngine EventLog Analyzer service.

  10. Then, go to the <dir>:\ManageEngine\EventLog Analyzer\logs folder open wrapper.log file go to the end of the document check for the line "Connect to: [http://localhost:8400]". This ensures that all the modules are started and the instance is up and running. 

Note: Full backup (periodical) of the EventLog Analyzer server is always recommended, in case of product disaster recovery.

For Database backup, please refer to the instructions provided here.
Restoration Process:
  1. Copy the backed up folder to the original location.

  2. Open a command prompt with administrator privilege.

  3. Navigate to <dir>:\ManageEngine\EventLog Analyzer\bin.

  4. Execute initpgsql.bat.

  5. Make sure the service is installed, if it is a new path.

  6. Start the ManageEngine EventLog Analyzer service.

  7. Or else, you can simply restore the VM Snapshot and start the ManageEngine EventLog Analyzer service.

                  New to ADSelfService Plus?

                    • Related Articles

                    • Unable to start EventLog Analyzer

                      Issue description This issue occurs when the EventLog Analyzer service fails to start, or when users are unable to access the web client through the browser (typically on ports 8400 or 8445). Users may experience one or more of the following ...
                    • How to back up EventLog Analyzer

                      Objective This article will help you perform a manual folder backup, which can be used for restoring the ManageEngine EventLog Analyzer installation with all existing configurations. Prerequisites Access to the EventLog Analyzer server with full ...
                    • How to use backup verification codes in EventLog Analyzer

                      Objective To guide users on how to use backup verification codes in EventLog Analyzer to access their accounts when their primary two-factor authentication (2FA) method is unavailable. Prerequisite 2FA must be enabled for the user account in EventLog ...
                    • How to generate backup verification codes in EventLog Analyzer

                      Objective To guide users on generating backup verification codes in EventLog Analyzer, enabling secure account access when the primary two-factor authentication (2FA) method is unavailable. Prerequisites 2FA must be enabled for the user account in ...
                    • Introduction to EventLog Analyzer

                      What is log management?  An enterprise network consists of different entities—perimeter devices, workstations, servers, applications, and more. Each entity records every activity that unfolds within it in the form of logs. These logs hold information ...